From dda2549a144425e03f844a97e53c2e608fa9d0e7 Mon Sep 17 00:00:00 2001 From: Wolfy Date: Tue, 7 Apr 2020 13:03:36 -0400 Subject: [PATCH] Quotas Make quotas ip based. Clients now can not bypass quota by having more than 1 client --- src/Client.js | 16 ---------------- src/Message.js | 28 +++++++++++++++------------- src/User.js | 22 ++++++++++++++++++++++ src/db/users.json | 21 +++++++++++++++++++++ 4 files changed, 58 insertions(+), 29 deletions(-) diff --git a/src/Client.js b/src/Client.js index d3c4f32..c762e68 100644 --- a/src/Client.js +++ b/src/Client.js @@ -1,6 +1,3 @@ -const quotas = require('../Quotas'); -const RateLimit = require('./RateLimit.js').RateLimit; -const RateLimitChain = require('./RateLimit.js').RateLimitChain; const Room = require("./Room.js"); require('node-json-color-stringify'); class Client extends EventEmitter { @@ -17,19 +14,6 @@ class Client extends EventEmitter { this.ip = (req.connection.remoteAddress).replace("::ffff:", ""); this.destroied = false; this.bindEventListeners(); - this.quotas = { - //note: new limiter(2000, { allowance:3000, max:24000, maxHistLen:3}), - chat: { - lobby: new RateLimitChain(quotas.chat.lobby.amount, quotas.chat.lobby.time), - normal: new RateLimitChain(quotas.chat.normal.amount, quotas.chat.normal.time), - insane: new RateLimitChain(quotas.chat.insane.amount, quotas.chat.insane.time) - }, - name: new RateLimitChain(quotas.name.amount, quotas.name.time), - room: new RateLimit(quotas.room.time), - chown: new RateLimitChain(quotas.chown.amount, quotas.chown.time), - cursor: new RateLimit(quotas.cursor.time), - kickban: new RateLimitChain(quotas.kickban.amount, quotas.kickban.time), - } require('./Message.js')(this); } isConnected() { diff --git a/src/Message.js b/src/Message.js index 7cf8870..1d8d319 100644 --- a/src/Message.js +++ b/src/Message.js @@ -1,4 +1,5 @@ -const quotas = require('../Quotas'); +const NoteQuotas = require('../Quotas'); +let quotas; const User = require("./User.js"); module.exports = (cl) => { cl.once("hi", () => { @@ -12,6 +13,7 @@ module.exports = (cl) => { msg.v = "Beta"; cl.sendArray([msg]) cl.user = data; + quotas = cl.server.connections[cl.user._id].quotas; }) }) cl.on("t", msg => { @@ -23,24 +25,24 @@ module.exports = (cl) => { }]) }) cl.on("ch", msg => { - if (!cl.quotas.room.attempt()) return; + if (!quotas.room.attempt()) return; if (!msg.hasOwnProperty("set") || !msg.set) msg.set = {}; if (msg.hasOwnProperty("_id") && typeof msg._id == "string") { if (msg._id.length > 512) return; cl.setChannel(msg._id, msg.set); if (cl.channel.isLobby(cl.channel._id)) { - cl.sendArray([{m: 'nq', allowance: quotas.note.lobby.allowance, max: quotas.note.lobby.max, maxHistLen: quotas.note.lobby.maxHistLen}]) + cl.sendArray([{m: 'nq', allowance: NoteQuotas.note.lobby.allowance, max: NoteQuotas.note.lobby.max, maxHistLen: NoteQuotas.note.lobby.maxHistLen}]) } else { if (!(cl.user._id == cl.channel.crown.userId)) { - cl.sendArray([{m: 'nq', allowance: quotas.note.normal.allowance, max: quotas.note.normal.max, maxHistLen: quotas.note.normal.maxHistLen}]) + cl.sendArray([{m: 'nq', allowance: NoteQuotas.note.normal.allowance, max: NoteQuotas.note.normal.max, maxHistLen: NoteQuotas.note.normal.maxHistLen}]) } else { - cl.sendArray([{m: 'nq', allowance: quotas.note.insane.allowance, max: quotas.note.insane.max, maxHistLen: quotas.note.insane.maxHistLen}]) + cl.sendArray([{m: 'nq', allowance: NoteQuotas.note.insane.allowance, max: NoteQuotas.note.insane.max, maxHistLen: NoteQuotas.note.insane.maxHistLen}]) } } } }) cl.on("m", msg => { - if (!cl.quotas.cursor.attempt()) return; + if (!quotas.cursor.attempt()) return; if (!(cl.channel && cl.participantId)) return; if (!msg.hasOwnProperty("x")) msg.x = null; if (!msg.hasOwnProperty("y")) msg.y = null; @@ -50,7 +52,7 @@ module.exports = (cl) => { }) cl.on("chown", msg => { - if (!cl.quotas.chown.attempt()) return; + if (!quotas.chown.attempt()) return; if (!(cl.channel && cl.participantId)) return; //console.log((Date.now() - cl.channel.crown.time)) //console.log(!(cl.channel.crown.userId != cl.user._id), !((Date.now() - cl.channel.crown.time) > 15000)); @@ -73,12 +75,12 @@ module.exports = (cl) => { }) cl.on("a", msg => { if (cl.channel.isLobby(cl.channel._id)) { - if (!cl.quotas.chat.lobby.attempt()) return; + if (!quotas.chat.lobby.attempt()) return; } else { if (!(cl.user._id == cl.channel.crown.userId)) { - if (!cl.quotas.chat.normal.attempt()) return; + if (!quotas.chat.normal.attempt()) return; } else { - if (!cl.quotas.chat.insane.attempt()) return; + if (!quotas.chat.insane.attempt()) return; } } if (!(cl.channel && cl.participantId)) return; @@ -121,7 +123,7 @@ module.exports = (cl) => { cl.server.roomlisteners.delete(cl.connectionid); }) cl.on("userset", msg => { - if (!cl.quotas.name.attempt()) return; + if (!quotas.name.attempt()) return; if (!(cl.channel && cl.participantId)) return; if (!msg.hasOwnProperty("set") || !msg.set) msg.set = {}; if (msg.set.hasOwnProperty('name') && typeof msg.set.name == "string") { @@ -143,7 +145,7 @@ module.exports = (cl) => { } }) cl.on('kickban', msg => { - if (!cl.quotas.kickban.attempt()) return; + if (!quotas.kickban.attempt()) return; if (!(cl.channel && cl.participantId)) return; if (!(cl.user._id == cl.channel.crown.userId)) return; if (msg.hasOwnProperty('_id') && typeof msg._id == "string") { @@ -250,4 +252,4 @@ module.exports = (cl) => { cl.channel.Notification(msg.content); console.log(msg.content); }) -} +} \ No newline at end of file diff --git a/src/User.js b/src/User.js index 7c4a960..a1a43fc 100644 --- a/src/User.js +++ b/src/User.js @@ -1,3 +1,6 @@ +const quotas = require('../Quotas'); +const RateLimit = require('./RateLimit.js').RateLimit; +const RateLimitChain = require('./RateLimit.js').RateLimitChain; const ColorEncoder = require("./ColorEncoder.js"); const { promisify } = require('util'); let userdb; @@ -13,6 +16,25 @@ class User { await this.setUpDb(); } let _id = createKeccakHash('keccak256').update((this.cl.server._id_Private_Key + this.cl.ip)).digest('hex').substr(0, 24); + if(this.server.connections[_id]){ // Connection rate quota? + //if(this.connectionsObjects[_id].connections.length < 10) this.connectionsObjects[_id].connections.push({room:undefined,ws:ws,cl:new Connection(ws)}); + }else{ + this.server.connections[_id] = { + quotas:{ + //note: new limiter(2000, { allowance:3000, max:24000, maxHistLen:3}), + chat: { + lobby: new RateLimitChain(quotas.chat.lobby.amount, quotas.chat.lobby.time), + normal: new RateLimitChain(quotas.chat.normal.amount, quotas.chat.normal.time), + insane: new RateLimitChain(quotas.chat.insane.amount, quotas.chat.insane.time) + }, + name: new RateLimitChain(quotas.name.amount, quotas.name.time), + room: new RateLimit(quotas.room.time), + chown: new RateLimitChain(quotas.chown.amount, quotas.chown.time), + cursor: new RateLimit(quotas.cursor.time), + kickban: new RateLimitChain(quotas.kickban.amount, quotas.kickban.time), + } + }; + }; //console.log("CONNECTED IP: " + this.cl.ip); let usertofind = userdb.get(_id); if (!usertofind) { diff --git a/src/db/users.json b/src/db/users.json index 50dd7fe..6944412 100644 --- a/src/db/users.json +++ b/src/db/users.json @@ -110,5 +110,26 @@ "name": "Anonymous", "_id": "651d3e63d8a738ac1a40ed9f", "ip": "77.111.247.71" + }, + "310260bf24ad833846100e82": { + "color": "#5091f3", + "noteColor": "#5091f3", + "name": "Anonymous", + "_id": "310260bf24ad833846100e82", + "ip": "54.172.205.12" + }, + "c6d435dd7fa48be7cea001ba": { + "color": "#e4f154", + "noteColor": "#e4f154", + "name": "Anonymous", + "_id": "c6d435dd7fa48be7cea001ba", + "ip": "75.91.45.152" + }, + "4828437c28f608315e2a3051": { + "color": "#5c1ec9", + "noteColor": "#5c1ec9", + "name": "Samsung", + "_id": "4828437c28f608315e2a3051", + "ip": "23.237.128.50" } } \ No newline at end of file